Privacy & Cybersecurity

Viewpoints

Filter by:

January 17, 2019|
Blog

We have been actively covering the California Consumer Privacy Act on our blog as it evolves including here and here. Please join us on February 6th for the first webinar in our California Consumer Privacy Act Series.

January 7, 2019|
Blog

Mintz Member Cynthia Larose and her thought leadership on all things Privacy has been selected for a National Law Review “Go-To Thought Leadership Award.” The inaugural awards recognize 65 exceptional authors and legal organizations for their reporting of complex legislative and litigation news, as well as their strategic insight and overall legal industry knowledge.

December 12, 2018|
Blog

Recently, Oath, a wholly-owned subsidiary of Verizon Communications agreed to pay $4.95 million to settle charges from the New York attorney general’s office that the company’s online advertising business was violating federal law.

December 12, 2018|
Blog

It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical Center (PSMC), a critical access hospital in Colorado, has agreed to both pay $111,400 to the Office for Civil Rights (OCR) as well as adopt a comprehensive, two-year corrective action plan (CAP) to address and settle potential HIPAA violations.

December 6, 2018|
Blog

Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge. Prosecutors believe that the Echo may have recorded data relevant to the crime; a potential perpetrator has already been charged.

November 29, 2018|
Blog

Companies based outside of the European Union sometimes find it challenging to determine whether the General Data Protection Regulation (GDPR) applies to them. And if they finally work out that the GDPR applies, they then have the challenge of finding a local representative as required by Art. 27.

November 15, 2018|
Blog

Recently, the Federal Trade Commission (“FTC”) announced that it has finalized its expanded settlement with ride-haling giant, Uber Technologies, Inc. (“Uber”) related to two major data breach incidents. The initial breach occurred in 2014 and led to an FTC investigation into Uber’s data storage practices for rider and driver data.

October 22, 2018|
Blog

If you are a medical device manufacturer, the Food and Drug Administration (FDA) says that you should prepare a “cybersecurity bill of materials” before marketing your devices. As outlined in our sister blog’s post, the requirement would require manufacturers to produce a list of the components that could be susceptible to vulnerabilities.

October 4, 2018|
Blog

California continues to lead the nation in cybersecurity and privacy legislation on the heels of the recent California Consumer Privacy Act of 2018 (“CCPA”). Governor Brown recently signed into law two nearly identical bills, Assembly Bill No. 1906 and Senate Bill No. 327 (the “Legislation”) each of which required the signing of the other to become law, on September 28th, 2018.

October 1, 2018|
Blog

Welcome to October! October 2018 marks the 15th year of the observance of National Cyber Security Awareness Month, a joint effort of the U.S. Department of Homeland Security and the National Cyber Security Awareness Alliance. We’ll be keeping you updated on all things privacy and security throughout the month.

September 20, 2018|
Blog

As previously noted in this blog, the Neiman Marcus payment card data theft class action reflects a lenient approach to the issue of standing in data breach cases. In that case, the Seventh Circuit rejected arguments that customers claiming to have sustained only the theft of debit and credit card information had not alleged sufficient injury to have standing to sue.

September 4, 2018|
Blog

Labor Day is passed, and the Privacy & Security Matters blog is back after a bit of a hiatus. The California State Legislature was busy up to the last day of the session working on privacy legislation.

July 5, 2018|
Blog

The European Parliament passed a resolution today strongly criticizing Privacy Shield and recommending that Privacy Shield be suspended as of September 1, 2018, if the US doesn’t shape up by that deadline. Should US companies that rely on Privacy Shield panic?

July 3, 2018|
Blog

In its most recent Cybersecurity Newsletter, OCR focuses on the intersection of HIPAA and information security. To be sure, HIPAA requires covered entities and business associates to address their organizations’ information security.

June 29, 2018|
Blog

June 28, 2018 will be a watershed day in the history of U.S. data privacy legislation. California has become the first state to move away from the U.S. approach of legislating data privacy in slow bits.

June 25, 2018|
Blog

Manufacturers of wireless devices used for Internet of Things (IoT) applications should take heed of new Trump Administration proposals aimed at reducing the cybersecurity threats from botnets and other automated and distributed attacks.

June 20, 2018|
Blog

In the latest decision concerning standing in data breach cases, the Fourth Circuit has vacated a district court’s dismissal and reinstated putative class action data breach litigation against the National Board of Examiners in Optometry Inc. (“NBEO”).

June 14, 2018|
Blog

Earlier this week, I moderated a panel discussion at an event hosted by the New York chapter of the Health Information and Management Systems Society (HIMSS). The panel was comprised of private sector health information technology and security experts and was tasked with discussing challenges related to the interoperability and security of health information systems.